------------------------------------------------------------------------------- DojoX Secure ------------------------------------------------------------------------------- Version 0.1 Release date: 07/04/2008 ------------------------------------------------------------------------------- Project state: alpha ------------------------------------------------------------------------------- Project authors Kris Zyp (kris@sitepen.com) ------------------------------------------------------------------------------- Project description DojoX Secure is a collection of tools for security, in particular for working with untrusted data and code. The following tools are a part of DojoX Secure: dojox.secure.capability - Object-capability JavaScript validation. This is a validator to run before eval to ensure that a script can't access or modify any objects outside of those specifically provided to it. dojox.secure.sandbox - Provides support for loading web pages, JSON, and scripts from other domains using XHR (and XHR plugins) with a safe subset library and sandboxed access to the DOM. dojox.secure.DOM - Provides a DOM facade that restricts access to a specified subtree of the DOM. The DOM facade uses getters/setters and lettables to emulate the DOM API. dojox.secure.OAuth - Future project to provide an implementation of OAuth. ------------------------------------------------------------------------------- Dependencies: Dojo Core (package loader). ------------------------------------------------------------------------------- Documentation ------------------------------------------------------------------------------- Installation instructions Grab the following from the Dojo SVN Repository: http://svn.dojotoolkit.org/var/src/dojo/dojox/trunk/secure/* Install into the following directory structure: /dojox/secure/ ...which should be at the same level as your Dojo checkout.